[strongSwan] Support of PFS for IKE SA

Noel Kuntze noel at familie-kuntze.de
Fri Jun 27 20:58:26 CEST 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello Sajal,

The "pfs" key is deprecated. It's not used anymore in version > 5.0.0 and isn't interpreted.
If you don't want to use PFS, you need to set algorithms toupels in "esp", that don't contain a seperate key negotiation. (e.g. no dh or ecp).

Regards,
Noel Kuntze

GPG Key id: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

Am 27.06.2014 20:56, schrieb Sajal Malhotra:
> Hi,
> 
> Just wondering if i use DH group in esp cipher suite however keep "pfs=no". Then how does Strongswan charon behave?
> 
> We are facing an issue while using strongswan with a Peer Juniper SRX Device.
> - On Juniper PFS is disabled for configured CHILD_SA
> - On Strongswan as well we have defined "pfs=no". However the esp ciper suite still uses DH group 2. Following is connection configuration:
> 
>   conn CHLD_SA1
> 
>                 ikelifetime=8640s
> 
>                 keyexchange=ikev2
> 
>                 keyingtries=%forever
> 
>                 keylife=8640s
> 
>                 *pfs=no*
> 
>                 reauth=no
> 
>                 rekey=yes
> 
>                 mobike=no
> 
>                 dpdaction=clear
> 
>                 dpddelay=10
> 
>                 rekeymargin=320s
> 
>                 ike=aes128-sha1-modp1024,3des-sha1-modp1024!
> 
>                 esp=3des-sha1-*modp1024,*aes128-sha1-*modp1024!*
> 
>                 authby=rsasig
> 
>                 left=40.40.40.2
> 
>                 leftsubnet=172.18.21.25/32 <http://172.18.21.25/32>
> 
>                 right=30.30.30.2
> 
>                 rightsubnet=10.3.4.38/32 <http://10.3.4.38/32>
> 
>                 leftprotoport=udp/49152
> 
>                 rightprotoport=udp/49152
> 
>                 leftid=192.168.255.230
> 
>                 leftcert=/tmp/cert_16bbc8.pem
> 
>                 rightid=%any
> 
>                 auto=add
> 
> 
> Now I observe that the SA gets established successfully. However the first Rekey attempt made by Strongswan is rejected by Juniper SRX with error "No Proposal Chosen".
> I am just wondering that could it be because we have kept DH2 group proposal in esp ciper suite, wheres on peer pfs is disabled?
> However if this is true, then i am wondering what is the purpose of the parameter "pfs=no". Doesn't strongswan internally handle sending correct proposal while rekeying child SA with "pfs=no" 
> 
> Would appreciate your help in sorting this out.
> 
> Thanks and Regards,
> Sajal
> 
> On Tue, Mar 11, 2014 at 8:14 PM, Tobias Brunner <tobias at strongswan.org <mailto:tobias at strongswan.org>> wrote:
> 
>     Hi Arun,
> 
>     The pfs option has no effect on IKEv2 connections.  It's an option used
>     by the legacy IKEv1 daemon pluto, where it only affected Quick Mode SAs
>     because ISAKMP SAs are always reestablished from scratch, so there
>     always is a DH exchange.
> 
>     IKEv2 does support inline rekeying of IKE_SAs (reauth=no, rekey=yes) and
>     there is always a DH exchange when doing so (see [1]).  To do a DH
>     exchange when rekeying CHILD_SAs with IKEv2 (or IKEv1 since 5.x) you
>     have to configure at least one DH group in the esp cipher suite as you
>     already have in your config.
> 
>     Regards,
>     Tobias
> 
>     [1] http://tools.ietf.org/html/rfc5996#section-2.18
>     _______________________________________________
>     Users mailing list
>     Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>
>     https://lists.strongswan.org/mailman/listinfo/users
> 
> 
> 
> 
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJTrb7SAAoJEDg5KY9j7GZYyq0QAIbFJN/qiQYZpdg8W6/0URkf
bW5KmG3Ev/p8fOshh1I9TLL7895loK8WBeVzABXFVRzy05qR+c0ow52r6h6ZdJ4p
9w7Z2fyWWeUANGPav0SLF5bewJJDlPFSq1WlmIBt1MLLSLaHCn0CmDMEZI9OR8hf
HONetN5MnKI7jBIPmq4olM7bgUHp43OYdf7aPp6Yi57V3tgv7Yt/odhVjX/RGOB6
YhbpEfIwSgCdas9jDXRTWigAneokkyCGHbjilMSW7VzPn05EtuliPlsBsjpsfKlq
G4+jb4iZj+3rq1ZmnaHqvERLEWD2xR6DWC+Ys0d8+z/8o6ltmdGTqcvGOQrDxgPA
T+TKiSRgTvVFWmpjoBYI62bMWhd6Rlhe7XQlRJztcrtfeDRBRG2bAVnpgHi17CIH
nLsZyvG3k/EBRXT6RcoQZh9gNAfPwifZwIVtkI1pQjSlP1r8M2Kzyrnz1xZx/g2T
G+mluU7BdHcNjv1oAA8a3lh66qvpBqfUtoXDueAlLZYnRlcj/vj1/bIK+oykd239
044tlAkcYpmdSx9X5NPd0pP6uSKMVcmi8omkokxTmjc3tuentN27TE4ZCQlmOjmk
BpVkrhFuiHcehRsZfBSoYL1sr/jgnNRfBqB7317FhyjCR0Z5tTkqAJ9agYo1GkXc
qDWeS16r60yfKpuShRi2
=jR7E
-----END PGP SIGNATURE-----

More information about the Users mailing list